Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   10987 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

pam_dce(5)							    pam_dce(5)

NAME
       pam_dce	-  authentication,  account, and password management PAM func‐
       tions for DCE

SYNOPSIS
       /usr/lib/security/libpam_dce.so.1

DESCRIPTION
       The DCE PAM modules allow integration of DCE into the system entry ser‐
       vices  (such  as	 login,	 telnet,  rlogin, ftp) through the pam.conf(4)
       file.  The DCE service module for PAM consists of the  following	 three
       modules:	 the authentication module, the account management module, and
       the password  management	 module.   All	three  modules	are  supported
       through the same loadable library, /usr/lib/security/libpam_dce.so.1 is
       the interface that services the requests from These  requests  will  be
       communicated  to	 the  DCE  security  server,  which  in turn sends the
       response	 back  to  ilogind.  This  response  is	 then  sent  back   to
       /usr/lib/security/libpam_dce.so.1.

Authentication Module
       The  authentication  module  certifies  the  identity of a user and the
       user's credentials.  It passes the authentication key derived from  the
       user's password to the DCE Security Service.  The Security Service then
       uses the authentication key to certify the user and the user's  creden‐
       tials.	The following options can be passed to the authentication mod‐
       ule through the pam.conf(4) file:

	      debug	     Turn on syslog debugging at the LOG_DEBUG level.

	      nowarn	     Turn off warning messages about not being able to
			     acquire DCE credentials.

	      use_first_pass Use  the  initial password (entered when the user
			     is authenticated to the first authentication mod‐
			     ule  in  the stack) to authenticate with DCE.  If
			     the user can not be authenticated or if  this  is
			     the  first	 authentication	 module	 in the stack,
			     quit and do not prompt a password. It  is	recom‐
			     mended  that  this	 option	 be  used  only if the
			     authentication module is designated  as  optional
			     in the pam.conf(4) configuration file.

	      try_first_pass Use  the  initial password (entered when the user
			     is authenticated to the first authentication mod‐
			     ule  in  the PAM stack) to authenticate with DCE.
			     If the user cannot be authenticated or if this is
			     the  first	 authentication	 module	 in the stack,
			     prompt for a password.

       A user must be authenticated and the user's credentials	set  before  a
       system  entry service can access any file directories owned by the user
       that are mounted through DTS.

Account Management Module
       The account management module provides a function  to  perform  account
       management (pam_sm_acct_mgmt(3)).  sends a request to the
	DCE implementation of pam_sm_acct_mgmt(3) function which retrieves the
       user's account and password expiration information from the  DCE	 Secu‐
       rity  Server and verifies that the user's account and password have not
       expired.	 The following options can be passed  to  the  account	module
       through the pam.conf(4) file:

	      debug		  Turn	on  syslog  debugging at the LOG_DEBUG
				  level.

	      nowarn		  Turn off warning messages displayed  when  a
				  user's  account and/or password are going to
				  expire.

       pam_sm_acct_mgmt(3) calls the function sec_login_inquire_net_info(3) to
       retrieve	 information  about  when  a user's account and/or password is
       going to expire.

Password Management Module
       The password management module provides a function to change  passwords
       (pam_sm_chauthtok(3)).	The  following	options	 can  be passed to the
       password module through the pam.conf(4) file:

	      debug	     Turn on syslog debugging at the LOG_DEBUG level.

	      nowarn	     Turn off warning messages about not being able to
			     change passwords.

	      try_first_pass Use  the  initial	password (entered to the first
			     password module in the PAM stack) to authenticate
			     with DCE.	If the user cannot be authenticated or
			     if this is	 the  first  password  module  in  the
			     stack, prompt for a password.

	      use_first_pass Use  the  initial	password (entered to the first
			     password module in the PAM stack) to authenticate
			     with  DCE.	 If user cannot be authenticated or if
			     this is the first password module in  the	stack,
			     quit and do not prompt for a password. It is rec‐
			     ommended that this option be used only if the DCE
			     password  module is designated as optional in the
			     pam.conf(4) configuration file.

SEE ALSO
       pam(3), sec_login_setup_identity(3), sec_login_valid_and_cert_ident(3),
       sec_login_set_context(3),  sec_login_inquire_net_info(3),  pam.conf(4),
       pam_unix(5) ilogind(1m)

HP DCE								    pam_dce(5)

Vote for polarhome